Nullptr crash in Document::open after calling policyChecker().stopCheck()
author rniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 2 Apr 2019 06:44:45 +0000 (06:44 +0000)
committer rniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 2 Apr 2019 06:44:45 +0000 (06:44 +0000)
commit db21602f27142e4e38f6e6ce3fa1e19c9e4243bc
tree 877acf90d5afbd1357e9babc4dc6176c802cf594
parent 258f6cffb7b71d7f938fce56b4c2de5c5d01c1ba
Nullptr crash in Document::open after calling policyChecker().stopCheck()
https://bugs.webkit.org/show_bug.cgi?id=196479

Reviewed by Antti Koivisto.

Added a missing nullptr check in Document::open after calling m_frame->loader().policyChecker().stopCheck()
since it invokes m_willSubmitFormCompletionHandlers in WebKit2, and that could clear m_frame.

Unfortunately, we don't have any reproducible test case.

* dom/Document.cpp:
(WebCore::Document::open):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243738 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/dom/Document.cpp
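
An added example, not code from the WebKit commit: a minimal C++ model of the pattern the commit message describes, where a call made through m_frame runs handlers that can clear m_frame, so the pointer has to be re-checked after the call returns. The Frame, Document, OpenResult and runScenario definitions are hypothetical stand-ins, not WebKit's classes.

```cpp
#include <functional>
#include <utility>
#include <vector>

// Hypothetical stand-ins for illustration; these are not WebKit's classes.
struct Frame {
    std::vector<std::function<void()>> pendingHandlers; // models queued completion handlers
    bool loadStarted = false;

    // Models stopCheck(): flushes queued handlers, which run arbitrary code.
    void stopCheck() {
        auto handlers = std::move(pendingHandlers);
        pendingHandlers.clear();
        for (auto& handler : handlers)
            handler();
    }
};

enum class OpenResult { Opened, NoFrame, FrameDetachedDuringStopCheck };

struct Document {
    Frame* m_frame = nullptr; // non-owning; cleared when the document is detached

    void detach() { m_frame = nullptr; }

    // Before: trusts the entry check across the callback.
    OpenResult openUnchecked() {
        if (!m_frame) return OpenResult::NoFrame;
        m_frame->stopCheck();
        m_frame->loadStarted = true; // null dereference if a handler detached us
        return OpenResult::Opened;
    }

    // After: re-validate the pointer once the re-entrant call returns.
    OpenResult open() {
        if (!m_frame) return OpenResult::NoFrame;
        m_frame->stopCheck();
        if (!m_frame) return OpenResult::FrameDetachedDuringStopCheck;
        m_frame->loadStarted = true;
        return OpenResult::Opened;
    }
};

// Constructed scenario: one queued handler that optionally detaches the document.
OpenResult runScenario(bool handlerDetaches) {
    Frame frame;
    Document document;
    document.m_frame = &frame;
    frame.pendingHandlers.push_back([&] { if (handlerDetaches) document.detach(); });
    return document.open();
}
```

openUnchecked() is kept only as the "before" shape for comparison; calling it in the detaching scenario dereferences a null pointer.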